ping...
On Sun, 8 Mar 2020 12:18:39 +0100
Robert Klein wrote:
> Hi,
>
> I thought a bit more about using LDAP resultCode values and I think
> some intermediate values are needed so it is clearer what happens.
>
> Also, I found out a clients connection hangs in the "Database is being
> reopened
Hi,
I thought a bit more about using LDAP resultCode values and I think some
intermediate values are needed so it is clearer what happens.
Also, I found out a clients connection hangs in the "Database is being
reopened" case in ldap_auth_simple().
Below is a patch proposal that
1. patches the o
On Fri, 6 Mar 2020 21:50:34 +0100
Robert Klein wrote:
> Hi,
>
>
> sorry, I simply forgot ldap_auth_sasl.
>
> LDAP_OTHER is a good return code for imsg failure and I really like
> the idea of using the LDAP return codes right away instead of the
> extra mapping.
>
> Your patch however doesn't
Hi,
sorry, I simply forgot ldap_auth_sasl.
LDAP_OTHER is a good return code for imsg failure and I really like the
idea of using the LDAP return codes right away instead of the extra
mapping.
Your patch however doesn't work for SASL authentication (and
ldapsearch gives some strange messages), b
I agree that returning Operations Error is the wrong return value.
I don't agree that we should *always* return invalidCredentials,
however, acting like the other LDAP servers on an invalid entry seems
reasonable to me. One option I do see is if we can't create an imsg
to the parent process handlin
urn 49 (Invalid
Credentials) on bind attempts.
Best regards
Robert
---
commit e9fe05bf15bf216ea7759cd64f17103008e1b69e (master)
from: Robert Klein
date: Sun Mar 1 15:49:40 2020 UTC
ldapd: fix return values for illegal p